The Global Eye
What business challenge can we help you solve?
Managed Security Services Provider - MSSP
Global IT Managed Security Services Provider (MSSP) includes helpdesk services and the implementation of technology due diligence to support the existing environments. However, considering today’s and future technology threats, we recognize the increasing need to provide a team dedicated to and supporting Cybersecurity.
Global IT MSSP (Managed Security Service Provider) offers a dedicated, certified, and specialized team that oversees the organization’s cybersecurity and works with the MSP team to implement changes, resolve issues, and mitigate security vulnerabilities.
Managed Security Services Provider – MSSP includes:
- Systems hardening
- Network hardening
- PAM, Privileged Access Management audit
- MFA integrations
- EoL systems management
- ISMP – Information Security Management Plan
- IRP Incident Response Plan
- Backup and recovery planning
- BCP Business Continuity Planning
All remediation of vulnerabilities is immediately recorded and reported to the MSP team to patch and implement fixes.
For organizations that require compliance management and reporting, we recommend the MSSP Security Plus plan at the bare minimum. The Global IT Security Plus MSSP plan includes Global Eye–Sonar Class 3 compliance monitoring and reporting.
Global IT Security Essentials
- Network hardening – protects your business from the outside with real-time threat intelligence and comprehensive network controls.
- Systems hardening – Ensures your systems are compliant by eliminating risky configurations and services.
- Regular updates & patching – Zero-day and vulnerability notification and remediation guidance.
- Identity and Access Management—IAM is configured to ensure that only authorized people have access to your systems and data.
- Security User Awareness Program – Keep your users security savvy with security-based user awareness training.
- Engage annually with 3rd party insurance renewal documentation (written only)
Global IT Security Plus
- Includes all the components from the essentials plan and in addition
- Network hardening – protects your business from the outside with real-time threat intelligence and comprehensive network controls.
- Systems hardening – Ensures your systems are secure and compliant by eliminating risky configurations and services.
- Regular updates & patching – Zero-day and vulnerability notification and remediation guidance.
- Monthly vulnerability, threat, and attack surface reports – Know which systems and networks are vulnerable, and provide specific information on the type of threats your organization faces.
- Compliance Readiness Review: Know where you stand with your sensitive data. Compliance frameworks include CCPA, PCI-DSS, and HIPPA.
- Identity and Access Management—IAM is configured to ensure that only authorized people have access to your systems and data.
- Email Security – Email hardening and security. Includes tailored phishing campaigns and reports on user awareness.
- Security User Awareness Program – Keep your users security savvy with security-based user awareness and training.
- Engage annually with 3rd party insurance renewal documentation and 3rd party audit support with control evidence and documentation.
Global IT Vanguard Security
- Includes all the components from the Essentials and Plus MSSP plans, with the following added services and benefits:
- Network hardening – protects your business from outside IT with real-time threat intelligence and comprehensive network controls.
- Network Monitoring—Seconds count. Real-time network threat monitoring helps identify threat trends and usage and supports incident response.
- Annual Network Penetration Testing—Once annually, external or internal network penetration testing, also known as Pen testing, shines a light on your network and validates the controls in place.
- On-site Security Review – Most organizations fail to realize the value of physical security. Whether a data center or office location, physical security
- Systems hardening – Ensures your systems are secure and compliant by eliminating risky configurations and services.
- Regular updates & patching – Zero-day and vulnerability notification and remediation guidance.
- Endpoint Detection and response (EDR): Protect your Endpoints with a local firewall, antimalware, and file integrity monitoring. Keep your endpoints safe with customized EDR.
- Monthly vulnerability, threat, and attack surface reports – Know which systems and networks are vulnerable and specific information on the type of threats your organization faces.
- Compliance Readiness Review: Know where you stand with your sensitive data. Compliance frameworks include CCPA, PCI-DSS, and HIPPA.
- Identity and Access Management—IAM is configured to ensure that only authorized people have access to your systems and data.
- Email Security – Email hardening and security. Includes tailored phishing campaigns and reports on user awareness.
- Security User Awareness Program – Keep your users security savvy with security-based user awareness and security training.
- Engage annually with 3rd party insurance and security audits.
Additional Services
- Compliance Readiness for PCI-DSS, HIPPA, CCPA
- Internal Network and Systems Review
- Internal and External Penetration Testing
- Comprehensive Cyber Security Policy Creation
Why Choose the Global Eye Security Monitoring System?
Free protection can be unreliable, ineffective, and preinstalled with spyware. Data loss, outage time, ransomware, or damaged reputation can cost your business thousands of dollars. Investing in reliable data security systems is a great way to protect your brand and business operations.
One of our customers (5-star hotel in Beverly Hills) decided to make the switch to Global IT. They already had a security system, but we recommended they switch. Immediately, Global Eye picked up malware and security vulnerabilities that their old vendor and software didn’t detect. Global IT quickly took control of the malware and removed it, never to return again.
With vast experience, Global IT Eye can detect vulnerabilities that our competitors cannot.
Security systems are great but only fully effective with a well-orchestrated, managed service provider plan.
- Flow record with blacklist monitoring
- Penetration testing
- Policy enforcement
- Remote and on-site support
- Onsite preventative maintenance and support
- Monitor network health and performance
- Track and work with 3rd party vendors
- Long and short-term planning
- Hardware/software sourcing
- Telecom Services Monitoring
Managed services packages can be customized for every business demand.
Global IT has 100% 5-star reviews on Yelp and was ranked one of the 30 Best Small Companies to Watch by the Silicon Review. Shop our managed IT packages today.
Sonar Class 1 is our server based application that is used for server specific resource events, resource alerts, monitoring and logging of anything related to a server where this is installed on. Sonar Class 1 is a license that can be added to any device and reports data back to our logging server that is monitored daily by an administrator.
- Network: Incoming and outgoing traffic, bandwidth usage, packet loss, interface error rates, TCP connections, link status, and interface speed
- Servers: Load on processors, network cards, and memory, amount of space on hard drives, and temperature of components
- Websites: Validity of SSL certificates
- Applications: Correct execution of SQL queries
Along with the Global IT MSP and MSSP plans, Global IT will proactively open tickets, logging events that arise concern that could cause any potential performance issues. Issues such as resource limitations, unusual resource activities, spikes in load, and everything that can help us understand what specifically is happening on the device this agent is installed on.
Sonar Class 2 is included with our premium and enterprise MSSP Managed Security Service Provider plans.
Sonar Class 2 includes constantly scanning the network for newly added devices, rouge devices, recording and logging every single IP connection from outside in and inside out, for everything that passes through the internet interface we have configured. The logs are then retained and queried for alerts, unusual activities, etc.
- Traffic in/out logging and reporting what type of traffic, etc.
- IP lookup and policy association (good, alert, bad)
- Monitoring network performance, detecting spikes, analyzing behaviors, detecting drops, traffic distribution, trends, etc.
- Monitor network activity with hosts and flows, and uncover suspicious or unwanted network activities.
- Logging all network devices, and recording logins, configuration changes, etc.
Sonar Class 2 is a very powerful tool in the right hands and is ideal for large organizations and network engineers looking for visibility into network traffic. Sonar Class 2 empowers Global IT MSSP teams with the ability to view active traffic, and provide immediate action and responses to potential threat actors.
Sonar Class 3 is a vulnerability and compliance management platform that automates measuring and reporting under careful the direction from the technical team. The licensed tool scans client devices for the latest threats, it identifies security vulnerabilities and associates the risk against compliance frameworks and provides automated reporting that demonstrates company wide machine vulnerabilities.
Securing Medical information is critical to patients. HIPAA provides a framework of policies that adhere to international standards of securing patient information. NIST SP 800-Series Compliance is the standard for HIPAA framework. Global IT maintains Certified Cyber Security Framework Practitioners that help uphold HIPAA and HITRUST framework values.
- Categorize the data and information you need to protect
- Develop a baseline for the minimum controls required to protect that information
- Conduct risk assessments to refine your baseline controls
- Document your baseline controls in a written security plan
- Roll out security controls to your information systems
- Once implemented, monitor performance to measure the efficacy of security controls
- Determine agency-level risk based on your assessment of security controls
- Continuously monitor security controls
- Penetration testing and reporting
Any business that stores, processes or transmits cardholder data is required to be PCI compliant. Like any compliance regime, PCI DSS can be complex and difficult to manage. Attention to detail sets our managed compliance services apart from the competition. We strictly follow the Global IT Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS outlines the best practices for securing credit card data that is stored, processed or transmitted. Global IT is certified as a PCI DSS Service Provider and conduct monthly scanning of required systems.
- Certified PCI DSS compliant as a Service Provider and Merchant
- Auditing of systems for PCI preparation
- Monthly scanning of systems
- Remote Access Solutions
- Alerts and reporting
- Ongoing management, patches, updating
- Policy & procedure development
- Technology security assessments
- Technology vendor assessments
- Develop technology security policies
- Develop network security policies
- Develop personnel security policies
- Define rules and guidelines for exposure
- Define and maintain vulnerabilities
- Implement and manage the policies
SOC1 and SOC2 are attestation standards issued by the American Institute of Certified Public Accountants (AICPA) that addresses examination engagements for service providers.
Each year, an external auditing firm completes System and Organization Controls (SOC) 1 Type 2 and SOC 2 Type 2 reviews of our data center facilities. The reports provide customers with the assurance of corporate controls, including security and environmental compliance, and validation of the Data Centers’ commitment to the most stringent standards of excellence in our data center operations.
Global IT Data Center (LA4) developed internal control objectives to support first-class data center management services that were used to complete the SOC 1 examination. The SOC 2 examination uses standardized, third-party criteria to validate the Data Centers’ compliance outlined in the Trust Services Principles.
ISO 27001
Our Data Center facility has achieved the International Organization for Standardization certification (ISO 27001) covering both corporate policies and procedures. The ISO/IEC 27001:2013 certification is one of the most stringent certifications for information security controls and confirms the information security controls and other forms of risk treatment are in place to detect and defend against potential data system vulnerabilities. This prestigious, internationally-recognized certification reflects our commitment to provide customers with secure, reliable, and high-performance data center Cloud solutions.
NIST 800-53
Each year, an independent Third Party Assessment Organization (3PAO) firm completes an external assessment to validate our Data Centers’ strict adherence to the National Institute of Standards and Technology Publication Series 800-53 (NIST 800-53) high-impact baseline controls and additional Federal Risk and Authorization Management Program (FedRAMP) requirements. The scope of the assessment includes a subset of control families applicable to colocation services at our data center facilities. The utilization of the high-impact baseline controls for NIST 800-53 reflects our commitment to successfully delivering the most rigorous compliance standards to support our customers’ Federal Information Security Management Act (FISMA) and FedRAMP compliance efforts. NIST 800-53 is a publication that recommends security controls for federal information systems and organizations. NIST 800-53 is published by the National Institute of Standards and Technology which creates and promotes the standards used by federal agencies to implement FISMA and manage other programs designed to protect information and promote information security.
Global IT Cyber Security training is live!
Test, train and certify your employees with the Global IT Cyber Security
GLOBAL IT EMAIL SECURITY
Basic:
- Enterprise protection from spoofed emails. People pretending to be you
- AI-powered – Bi-weekly email testing and awareness for yourself and employees
Enhanced:
- Enterprise protection from spoofed emails. People pretending to be you
- AI-powered – Bi-weekly email testing and awareness for yourself and employees
- Comprehensive Enterprise Email Protection license
Ultimate:
- Enterprise protection from spoofed emails. People pretending to be you
- AI-powered – Bi-weekly email testing and awareness for yourself and employees
- Comprehensive Enterprise Email Protection license
- O365 Complete Mailbox Backup for all or select accounts
Continuously test your employees with real-world phishing scenarios so that you maintain a high level of security awareness. With many pre-configured phishing templates and scenarios that are ready for immediate use. Unlike other platforms, you can also fully customize any aspect of the templates in our library, create and build your own, or clone actual phishing scenarios. Some core features of the phishing simulator include:
Full Library of Pre-built Phishing Emails & Scenarios
- Form & Credential Harvesting Scenarios
- Attachment Testing (With Macros)
- Phishing Reply Tracking (Spear Phishing Scenarios)
- USB Drive Testing
- All Existing and Upcoming Templates (Phishing & Training Templates)
- Unlimited Template Customization & Creation
- Active Directory & Other Directory Integrations
- Admin Management Console
- Automated Workflow & Scheduling Features
- Global API
- Admin Users & Companies/Groups
- Workstation Scanning-Username, IP address
- Advanced Theme Selector
- Multiple Language Support
- Professional Services
Training your end users is vital to a successful security program and we offer multiple training options that will assist in developing a culture of security awareness. Features & functionality include:
- Report Phishing Button (Plugin for Office365 and Outlook)
- KillPhish – Email Inbox Analyzer
- Level 1 Education – Training Moments & Templates
- Level 2 Education – Course Module & Expanded Training
- Dedicated Training Portal for End Users
- Utilize the Built-In Courses, or Customize and Create Courses
- Course Enrollment Via Campaign Failure or Batch Enrollment
- Private-Labeling Capabilities (MSP and Resellers)
- External LMS Integration – Connect & Sync with your Existing LMS
- Upload SCORM Compatible Training Directly into Phishing
- Ongoing Training & Education
Analyze test results and validate security awareness with robust reporting. Obtain aggregate reports or get details on specific personnel:
- Create Fully Customized Reports with Cover Pages
- Advanced and Custom Reporting
- Advanced Analytics
- Full Access to Reporting and Data at all Times
Endpoint Detection & Response (EDR)
Surveys show that 11% of cybersecurity breaches are targeted attacks, and 13% are acts of corporate espionage, designed to steal state or trade secrets. Malware and account takeovers are involved in 48% and 14% of attacks respectively.
Almost every industry and every level of government agency are under attack. Organizations are justified in looking for additional security tools to discover and thwart such attempts. A main goal of EDR is often reducing the Mean Time To Respond (MTTR), given that many reports show that attackers can spend months inside organizations before being detected.
EDR solutions look for evidence and effects of malware or other malicious activities that may have slipped past Endpoint Protection (EPP) products and other security tools, such as email/web gateways. Security professionals refer to such data points as Indicators of Compromise (IOCs). Examples of IOC types include:
EDR Enterprise Inspector collects and analyzes information to help security analysts determine if malicious activities have occurred. The solution also allows for pre-configured remediation actions to be executed when certain conditions are met.
- MD5 file hashes
- Known bad IPs and URLs
- File/process name mismatches
- Unusual application and network port usage
- Unusual process injections
- Module load point modifications
- Registry changes
Strengths
- Scoring system for behavioral rules & detailed auditing functionality for admins
- Excellent implementation of multiple, advanced ML algorithms for discovering malicious activity patterns
- Support for most commonly used and requested automatic response options
- UEFI and MFT scanning helps find rootkits that other solutions may miss (Endpoint Security)
- Integration with PAM tools